In today’s fast-evolving ransomware landscape, threat actors are accelerating their tactics to gain access and deploy payloads with alarming speed. Increasingly, attackers are leveraging known vulnerabilities as entry points, as seen in a recent attack where adversaries exploited CVE-2023-22527, a maximum-severity template injection flaw in Atlassian Confluence, to compromise an internet-exposed system. Just 62 hours […]
According to Sophos, ransomware recovery costs surged to $2.73 million in 2024—marking a staggering 500% increase over the previous year and highlighting the growing financial impact of cyberattacks. As ransomware continues to dominate the threat landscape, adversaries are rapidly evolving their techniques and developing new malware variants. One of the latest additions is Gunra, a […]
Hot on the heels of the CVE-2025-1449 disclosure, a vulnerability in Rockwell Automation software, another critical security issue affecting widely used software products is now drawing the attention of the defenders. CVE-2025-29824 is a zero-day vulnerability in the Windows Common Log File System (CLFS) that gives threat actors the green light to escalate privileges to […]
According to Sophos, ransomware recovery costs soared to $2.73 million in 2024, displaying a 500% rise compared to 2023 and underscoring the escalating financial toll of cyberattacks. The FBI, CISA, and MS-ISAC have recently issued a joint advisory on Medusa ransomware, which has impacted over 300 victims across critical infrastructure sectors as of February 2025. […]
Ransomware remains a top cybersecurity threat, with attack costs soaring to $2.73 million per incident, nearly $1 million higher than in 2023, according to Sophos. As ransomware operations grow in complexity, new threat groups continue to emerge, seeking massive financial gains. One such group is Hellcat, a newly identified Ransomware-as-a-Service (RaaS) threat group first spotted […]
Increasing ransomware volumes, expanding hacker collectives, and record-breaking damage costs are redefining the cyber risk arena. The FBI, CISA, and partners have recently issued a joint cybersecurity alert warning the global cyber defender community of increasing Ghost (Cring) ransomware attacks aimed at financial gain. China-affiliated hackers have compromised organizations from multiple industries, including the critical […]
Emerging last year as the successor to Royal ransomware, BlackSuit has quickly evolved into a highly sophisticated malicious spinoff, aggressively targeting organizations worldwide. Security researchers have recently observed a significant surge in activity by the Ignoble Scorpius group, the operator behind BlackSuit, with over 90 organizations falling victim to their relentless intrusions. Detect BlackSuit Ransomware […]
Following a wave of cyber attacks by the Iran-linked hacking collective tracked as Pioneer Kitten, the FBI, CISA, and authoring partners issue a new alert notifying defenders of a growing threat posed by BianLian Ransomware Group, which primarily targets critical infrastructure organizations in the U.S. and Australia. Detect BianLian Ransomware According to the State of […]
Adversaries employ new Interlock ransomware in recently observed big-game hunting and double-extortion attacks against U.S. and European organizations in multiple industry sectors. Defenders assume with low confidence that Interlock ransomware might be a newly diversified group linked to the Rhysida ransomware affiliates or developers, based on comparable TTPs and encryptor binaries. Detect Interlock Ransomware Ransomware […]
Right after the joint advisory by FBI, CISA, and partners warning of a significant shift in the RansomHub RaaS group activity, security researchers have spotted the novel trick by adversaries misusing Kaspersky’s legitimate TDSSKiller software to disable Endpoint Detection and Response (EDR) systems. Once they’ve bypassed defenses, attackers turn to the LaZagne tool, siphoning login […]